#kops (2019-02)

Discussions related to kops for kubernetes

Archive: https://archive.sweetops.com/kops/

2019-02-04

joshmyers avatar
joshmyers

@Jan Any gotchas with implementing aws-iam-authenticator ? did you use https://github.com/cloudposse/terraform-aws-kops-iam-authenticator-config ?

cloudposse/terraform-aws-kops-iam-authenticator-config

Terraform module to create and apply a Kubernetes ConfigMap for aws-iam-authenticator to be used with Kops to map IAM principals to Kubernetes users - cloudposse/terraform-aws-kops-iam-authentica…

Jan avatar

heya

joshmyers avatar
joshmyers
cloudposse/geodesic

Geodesic is the fastest way to get up and running with a rock solid, production grade cloud platform built on top of strictly Open Source tools. ★ this repo! https://slack.cloudposse.com/ - clou…

Jan avatar

um shew let me think

Jan avatar

I dont think so

Jan avatar

let me see what we did

Jan avatar

in the middle of a refactor, please remind me later

joshmyers avatar
joshmyers

np

Jan avatar

@Tim ball is on your court

Tim avatar
Tim
08:23:21 PM

@Tim has joined the channel

2019-02-05

joshmyers avatar
joshmyers

@Tim / @Jan How are you getting your kubecfg into place, that supports the aws-iam-authenticator ?

Tim avatar

Yes we are using the cloudposse AWS IAM authenticator config map

joshmyers avatar
joshmyers

Nice

Tim avatar

The changes in the cluster config I have already seen on your side but it was removed

Tim avatar

Will look into it tomorrow

joshmyers avatar
joshmyers

How are you writing the kubecfg ?

Tim avatar

Just adding the authentication webhook endpoint and installed a hook which pulls certs and stuff like that from s3

Tim avatar

I have seen a commit on the cloudposse side doing exactly the same but it was removed ^^

Tim avatar

Right now I don’t have the cluster config here. But I can provide it to you tomorrow

joshmyers avatar
joshmyers

Cool, just wondering as kops export kubecfg doesn’t contain the users block that uses aws-iam-authenticator so wondering how you are doing it

Tim avatar

Got it. This is what I was referring to: https://github.com/cloudposse/geodesic/pull/345/files

[kops/template] Update `aws-iam-authenticator` by aknysh · Pull Request #345 · cloudposse/geodesic

what [kops/template] Update aws-iam-authenticator settings why Kubernetes 1.10 and newer has aws-iam-authenticator installed by default, no need to add scripts to install it from S3 references …

Tim avatar

Not sure how this does “fix iam authenticator” But that’s the config you need. Additional creating certificates and the config map

Tim avatar

It says kubernetes comes with it by default but we were not able to get it working without these changes

Tim avatar
kubernetes/kops

Kubernetes Operations (kops) - Production Grade K8s Installation, Upgrades, and Management - kubernetes/kops

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

I love #variant

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

check this out

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
[kopsctl] add commands to facilitate management of cluster by osterman · Pull Request #378 · cloudposse/geodesic

what Add commands to easily rotate a kops cluster's ssh keys Add command to easily connect to a kops cluster Add command to see a kops plan why This are routine operations that are complicat…

2019-02-18

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Anyone have success launching t3.* instances with kops? https://github.com/kubernetes/kops/issues/5755

Launching `t3.medium` EC2 instance failed · Issue #5755 · kubernetes/kops
  1. What kops version are you running? The command kops version, will display this information. Version 1.10.0 (git-782ff1358) This is branch release-1.10 with #5681 cherry-picked 2. What Kubernetes…
daveyu avatar

i wanted to try, saw that support was added kops 1.11, but i got stuck figuring out how to upgrade kops in geodesic without forking packages

Launching `t3.medium` EC2 instance failed · Issue #5755 · kubernetes/kops
  1. What kops version are you running? The command kops version, will display this information. Version 1.10.0 (git-782ff1358) This is branch release-1.10 with #5681 cherry-picked 2. What Kubernetes…
Jan avatar

we use t3

Jan avatar
kops version
Version 1.10.0

2019-02-19

2019-02-22

Jan avatar

t3 medium and large

Jan avatar

and c5 large

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

ok, are you on kops 1.11?

2019-02-24

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

has anyone looked into using “App Mesh” with kops?

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
awslabs/aws-app-mesh-examples

AWS App Mesh is a service mesh that you can use with your microservices to manage service to service communication. - awslabs/aws-app-mesh-examples

    keyboard_arrow_up